Thư viện tri thức trực tuyến
Kho tài liệu với 50,000+ tài liệu học thuật
© 2023 Siêu thị PDF - Kho tài liệu học thuật hàng đầu Việt Nam
CEH lab book tieng viet phan1
Nội dung xem thử
Mô tả chi tiết
Gi·o trÏnh b‡i t壱p C|EH T‡i li羽u d‡nh cho h丑c viÍn
VSIC Education Corporation Trang 1
M映c L映c
B‡i 1:..................................................................................................................................... 3
FOOTPRINTING ................................................................................................................ 3
I/ Gi噂i thi羽u v隠 Foot Print:............................................................................................... 3
II/ C·c b‡i th詠c h‡nh: ...................................................................................................... 3
B‡i 1: TÏm thÙng tin v隠 Domain................................................................................... 3
B‡i 2: TÏm thÙng tin email ........................................................................................... 5
B‡i 2:..................................................................................................................................... 7
SCANNING.......................................................................................................................... 7
I/ Gi噂i thi羽u v隠 Scanning: ............................................................................................... 7
II/ C·c B‡i th詠c h‡nh....................................................................................................... 7
B‡i th詠c h‡nh 1: S穎 d映ng Ph亥n m隠m Nmap.................................................................. 7
B‡i th詠c h‡nh th泳 2: S穎 d映ng ph亥n m隠m Retina đ吋 ph·t hi羽n c·c vulnerabilities v‡ t医n
cÙng b茨ng Metaesploit framework................................................................................ 13
B‡i 3:................................................................................................................................... 18
SYSTEM HACKING......................................................................................................... 18
I/ Gi噂i thi羽u System Hacking:....................................................................................... 18
II/ Th詠c h‡nh c·c b‡i Lab ............................................................................................. 18
B‡i 1: Crack password n瓜t b瓜 n瓜i b瓜........................................................................ 18
B‡i 2: S穎 d映ng ch逢挨ng trÏnh pwdump3v2 khi cÛ đ逢嬰c 1 user administrator c栄a
m·y n衣n nh‚n đ吋 cÛ th吋 tÏm đ逢嬰c thÙng tin c·c user cÚn l衣i.................................... 20
B‡i Lab 3: N‚ng quy隠n thÙng qua ch逢挨ng trÏnh Kaspersky Lab ............................ 23
B‡i Lab 4: S穎 d映ng Keylogger................................................................................... 25
B‡i Lab 5: S穎 d映ng Rootkit v‡ xÛa Log file .............................................................. 27
B‡i 4:................................................................................................................................... 30
TROJAN v‡ BACKDOOR................................................................................................ 30
I/ Gi噂i thi羽u v隠 Trojan v‡ Backdoor:........................................................................... 30
II/ C·c b‡i th詠c h‡nh:.................................................................................................... 30
B‡i 1 S穎 d映ng netcat:................................................................................................. 30
B‡i 2: S穎 d映ng Trojan Beast v‡ detect trojan........................................................... 32
Mu嘘n s穎 d映ng Trojan Beast, ta c亥n ph違i x‚y d映ng 1 file Server c‡i lÍn m·y n衣n nh‚n, sau
đÛ file server n‡y s胤 l逸ng nghe 荏 nh英ng port c嘘 đ鵜nh v‡ t瑛 m·y t医n cÙng ta s胤 connect
v‡o m·y n衣n nh‚n thÙng qua c鰻ng n‡y. ........................................................................ 32
B‡i 3: S穎 d映ng Trojan d逢噂i d衣ng Webbase .............................................................. 35
B‡i 5:................................................................................................................................... 38
C£C PH姶愛NG PH£P SNIFFER..................................................................................... 38
I/ Gi噂i thi羽u v隠 Sniffer .................................................................................................. 38
B‡i 6:................................................................................................................................... 65
T医n CÙng t瑛 ch嘘i d鵜ch v映 DoS........................................................................................... 65
I/ Gi噂i thi羽u: .................................................................................................................. 65
II/ MÙ t違 b‡i lab: ............................................................................................................ 67
B‡i Lab 1: DoS b茨ng c·ch s穎 d映ng Ping of death. ................................................... 67
B‡i lab 2: DoS 1 giao th泳c khÙng s穎 d映ng ch泳ng th詠c(trong b‡i s穎 d映ng giao th泳c
RIP)............................................................................................................................. 69
B‡i Lab 3: S穎 d映ng flash đ吋 DDoS ............................................................................ 72
B‡i 7:................................................................................................................................... 74
Social Engineering ............................................................................................................. 74
I/ Gi噂i Thi羽u.................................................................................................................. 74
Gi·o trÏnh b‡i t壱p C|EH T‡i li羽u d‡nh cho h丑c viÍn
VSIC Education Corporation Trang 2
II/ C·c b‡i Lab:.............................................................................................................. 74
B‡i Lab 1: G穎i email n員c đÌnh kËm Trojan .............................................................. 74
B‡i 8:................................................................................................................................... 77
Session Hijacking ............................................................................................................... 77
I/ Gi噂i thi羽u:................................................................................................................... 77
II/ Th詠c hi羽n b‡i Lab........................................................................................................ 77
B‡i 9:................................................................................................................................... 80
Hacking Web Server.......................................................................................................... 80
I/ Gi噂i thi羽u: ................................................................................................................... 80
II/ Th詠c Hi羽n b‡i lab. ....................................................................................................... 80
B‡i Lab 1: T医n cÙng Web Server Win 2003(l厩i Apache).......................................... 80
B‡i lab 2: Khai th·c l厩i 泳ng d映ng Server U ............................................................. 84
B‡i 10:................................................................................................................................. 85
WEB APPLICATION HACKING.................................................................................... 85
I/ Gi噂i thi羽u:.................................................................................................................. 85
II/ C·c B‡i Lab............................................................................................................... 85
B‡i Lab 1: Cross Site Scripting.................................................................................. 85
B‡i Lab 2: Insufficient Data Validation .................................................................... 86
B‡i Lab 3: Cookie Manipulation ............................................................................... 88
B‡i Lab 4: Authorization Failure .............................................................................. 89
B‡i 11:................................................................................................................................. 91
SQL INJECTION .............................................................................................................. 91
I/ Gi噂i thi羽u v隠 SQL Injection:...................................................................................... 91
II/ Th詠c H‡nh B‡i Lab .................................................................................................. 94
B‡i 12:............................................................................................................................... 101
WIRELESS HACKING .................................................................................................. 101
I/ Gi噂i Thi羽u................................................................................................................. 101
II/ Th詠c h‡nh b‡i Lab: ................................................................................................ 101
B‡i 13:............................................................................................................................... 105
VIRUS .............................................................................................................................. 105
I/ Gi噂i thi羽u: (tham kh違o b‡i đ丑c thÍm)..................................................................... 105
II/ Th詠c h‡nh Lab: ...................................................................................................... 105
B‡i 1: Virus ph· h栄y d英 li羽u m·y ............................................................................ 105
B‡i 2: Virus gaixinh l‚y qua tin nh逸n...................................................................... 107
B‡i 14:............................................................................................................................... 111
BUFFER OVERFLOW................................................................................................... 111
I/ L˝ thuy院t.................................................................................................................. 111
II/ Th詠c h‡nh:.............................................................................................................. 118
Gi·o trÏnh b‡i t壱p C|EH T‡i li羽u d‡nh cho h丑c viÍn
VSIC Education Corporation Trang 3
B‡i 1:
FOOTPRINTING
I/ Gi噂i thi羽u v隠 Foot Print:
A‚y l‡ k悦 thu壱t gi˙p hacker tÏm ki院m thÙng tin v隠 1 doanh nghi羽p, c· nh‚n hay t鰻
ch泳c. B衣n cÛ th吋 đi隠u tra đ逢嬰c r医t nhi隠u thÙng tin c栄a m映c tiÍu nh運 v‡o k悦 thu壱t n‡y. VÌ d映
trong ph亥n th詠c h‡nh th泳 1 ch˙ng ta ·p d映ng k悦 thu壱t n‡y tÏm ki院m thÙng tin v隠 m瓜t
domain(vÌ d映 l‡ www.itvietnam.com) v‡ xem th穎 email liÍn l衣c c栄a domain n‡y l‡ c栄a ai,
trong ph亥n th詠c h‡nh th泳 2 ch˙ng ta truy tÏm 1 danh s·ch c·c email c栄a 1 keywork cho tr逢噂c,
ph逢挨ng ph·p n‡y hi羽u qu違 cho c·c doanh nghi羽p mu嘘n s穎 d映ng marketing thÙng qua hÏnh
th泳c email v.v. Trong giai do衣n n‡y Hacker c嘘 g逸ng tÏm c‡ng nhi隠u thÙng tin v隠 doanh
nghi羽p(thÙng qua c·c kÍnh internet v‡ phone) v‡ c· nh‚n(thÙng qua email v‡ ho衣t đ瓜ng c栄a
c· nh‚n đÛ trÍn Internet), n院u th詠c hi羽n t嘘t b逢噂c n‡y Hacker cÛ th吋 x·c đ鵜nh đ逢嬰c nÍn t医n
cÙng v‡o đi吋m y院u n‡o c栄a ch˙ng ta. VÌ d映 mu嘘n t医n cÙng domain www.itvietnam.com thÏ
Hacker ph違i bi院t đ逢嬰c đ鵜a ch雨 email n‡o l‡ ch栄 c˘a domain n‡y v‡ tÏm c·ch l医y password c栄a
email thÙng qua t医n cÙng mail Server hay sniffer trong m衣ng n瓜i b瓜 v.v. V‡ cu嘘i c˘ng l医y
đ逢嬰c Domain n‡y thÙng qua email ch栄 n‡y.
II/ C·c b‡i th詠c h‡nh:
B‡i 1: TÏm thÙng tin v隠 Domain
Ta v‡o trang www.whois.net đ吋 tÏm ki院m thÙng tin v‡ đ·nh v‡o domain mÏnh mu嘘n
tÏm ki院m thÙng tin
Sau đÛ ta nh壱n đ逢嬰c thÙng tin nh逢 sau: